Sign in
Take full control of your business finances using BEPI’s smart, automated tools
Privacy Policy
Information About Us
Who we are
Bepi is a UK-based financial services provider and a fully regulated Electronic Money Institution
(EMI), authorized and supervised by the UK Financial Conduct Authority (FCA). We deliver
secure, compliant, and scalable financial infrastructure designed for modern, globally operating
businesses.
Our platform enables companies to manage multi-currency accounts, issue virtual corporate
cards, execute domestic and international payments, and access transparent foreign exchange
services - all through a single, integrated solution. Bepi serves fintech’s, marketplaces, SaaS
platforms, and international enterprises that require reliability, regulatory certainty, and
operational efficiency at scale.
Compliance, data protection, and information security are foundational to how we operate. We
process personal data responsibly and in accordance with applicable data protection laws,
including the UK GDPR and other relevant regulatory requirements. Safeguarding client data,
funds, and transactions is central to our role as a regulated financial institution.
Bepi combines regulatory rigor with modern technology, enabling our clients to move fast while
remaining compliant, secure, and in control.
Introduction
At Bepi, privacy and trust are not optional - they are part of our license to operate. We apply
robust governance, internal controls, and risk management frameworks to ensure personal data is handled lawfully, transparently, and securely across all our services.
This Privacy Policy explains how we collect, use, store, and protect personal data when you
interact with Bepi, our products, our website, or our services.
The Information We Process
The types of personal information we collect
Personal data refers to any information relating to an identified or identifiable individual. This
includes information that directly identifies you, such as your name and contact details, as well
as information that may identify you indirectly, such as identification numbers, electronic
location data, online identifiers, or transactional data.
Depending on the nature of your relationship with Bepi - whether you are an individual
customer, a business customer, an authorized representative, a beneficial owner, a cardholder, or a visitor to our website - we may collect and process personal data at the start of, and throughout, our relationship with you, and thereafter in accordance with applicable legal and regulatory retention requirements.
We collect personal data through various channels, including directly from you, from your
employer or organization, from third parties, and through your use of our services, platforms,
websites, and applications.
Categories of personal data we may process include:
security numbers, beneficial ownership information, source of funds and source of wealth
information, and related compliance records;
with us, and content accessed or downloaded via our digital channels.
Special categories of personal data
In limited circumstances, and strictly where required by law or for legitimate regulatory
purposes, Bepi may process special categories of personal data. This may include processing for
the purposes of complying with anti-money laundering (AML), counter-terrorist financing
(CTF), fraud prevention, regulatory reporting, handling complaints, or ensuring accessibility of
our services.
Such data may include information relating to:
Bepi processes special categories of personal data only where explicit consent has been obtained or where such processing is otherwise permitted or required under applicable data protection laws.
How We Obtain Information?
Your information includes all personal and financial data that we collect and hold about you.
This may relate to you as an individual customer, a business customer, or in your capacity as a
director, authorised user, employee, cardholder, proprietor, or beneficial owner of a business, as
well as information relating to transactions conducted through our services.
We collect personal data through a variety of channels, including directly from you, from your
organisation, from our clients and partners, from third parties, and through your interaction with
our digital platforms and services.
Information you provide directly to us
Information you provide when using our website or digital platforms
When you register on our website, complete forms, participate in surveys, access our
applications, or engage with our Sandbox, API, or Developer Centre, we may collect personal
data such as your name, address, email address, telephone number, date of birth, identification
details, job title, and company information.
If you interact with us via social media, we may also collect publicly available social media
identifiers, such as your LinkedIn profile or X (formerly Twitter) username, in accordance with
your privacy settings and applicable platform policies.
Information you provide through communications and use of our services
We collect information when you communicate with us by email, phone, post, in person, or
through digital channels, and when you use our products and services. This includes records of
communications and engagement metrics, such as how, when, and how often you contact us or respond to our communications, and information about how and when you use our services.
Information provided by clients, customers, partners, and suppliers
Clients and customers
We may collect personal data about you through our business customers or clients when they use Bepi’s services, including where they enable you to access or use our services as an authorized user, cardholder, or representative.
Partners and suppliers
We may receive personal data from our partners or suppliers where they provide services to Bepi
in connection with the delivery, operation, or support of our products and services.
Information provided by third parties
We may receive personal data about you from third parties, including:
Information from publicly available sources
We may collect information from publicly available sources, such as company registries
(including Companies House), regulatory registers, and publicly accessible social media
platforms, subject to your privacy settings and applicable legal requirements. This may include
professional profile information and engagement metrics such as connections, followers, or
interactions.
Technical and usage information (IP data)
We may collect technical and usage data when you access our website or services, including:
methods;
Sandbox, API, and Developer Centre
Our Sandbox, API, and Developer Centre environments are provided to allow customers, clients,
and partners to test and evaluate Bepi’s technology. Users must not upload or process personal
data or cardholder data within these environments, except for their registered login credentials.
Cookies
We and our service providers use cookies and similar technologies to collect information about
your use of our website and digital services. Further details on our use of cookies and how to
manage your preferences are set out in our Cookies Policy.
What Do We Do With the Information We Collect?
We process personal data only where we have a lawful basis to do so and in accordance with
applicable data protection legislation. Depending on the nature of your relationship with Bepi -
whether as an individual customer, business customer, authorised representative, beneficial
owner, cardholder, partner, or supplier - we may process your personal data in the following
circumstances:
preventing fraud, ensuring platform security, or mitigating financial or operational risk;
prevention requirements; and
How we use your personal data?
We may use your personal data for the following purposes:
Where permitted by law, we may also provide information about products or services that are
similar to those you already use or have enquired about. You can opt out of marketing
communications at any time.
Do We Share Your Data?
Bepi may share personal data with selected third parties where necessary to deliver our services
or comply with legal and regulatory obligations. These third parties may include financial
institutions, payment networks, card schemes, identity verification providers, fraud prevention
agencies, technical service providers, and professional advisers.
All third-party service providers are required to process personal data only on Bepi’s
instructions, for specified purposes, and subject to appropriate contractual confidentiality and
data protection obligations.
In limited circumstances, we may be required to disclose personal data to regulators, law
enforcement agencies, courts, or government authorities where required by law or in connection with legal proceedings.
We may also share personal data with fraud prevention agencies to prevent fraud and money
laundering and to verify identity. If fraud is detected, access to certain services, finance, or
employment opportunities may be refused. Further information about fraud prevention agencies and data usage may be found via relevant industry resources such as CIFAS.
If Bepi undergoes a merger, acquisition, sale, or transfer of assets, personal data may be
transferred to a prospective or new owner, subject to appropriate safeguards and in accordance with this Privacy Policy.
Storage and International Transfers
Your personal data may be stored or processed outside the United Kingdom and/or the European
Economic Area (EEA). Where international transfers occur, we ensure that appropriate
safeguards are in place, including:
Retention of Your Data
We retain personal data only for as long as necessary to fulfil the purposes for which it was
collected, including to meet legal, regulatory, accounting, and reporting requirements.
In certain circumstances, we may retain personal data for longer periods, such as where required to handle complaints, resolve disputes, or comply with regulatory obligations.
Further information on retention periods is available upon request.
Security
Bepi takes the security of personal data seriously. We implement appropriate technical,
organizational, and physical measures to protect personal data against unauthorized access, loss, misuse, or disclosure.
Access to personal data is restricted to employees and third parties who require it to perform
their duties and who are subject to confidentiality and data protection obligations.
Your Data Protection Rights
Under applicable data protection laws, you have the right to:
Bepi does not currently carry out automated decision-making or profiling that produces legal or
similarly significant effects.
To exercise your rights or raise any questions or concerns about how your personal data is
processed, please contact us at support@bepi.uk.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office
(ICO). We encourage you to contact us first so we can address your concerns promptly and
effectively.
Who we are
Bepi is a UK-based financial services provider and a fully regulated Electronic Money Institution
(EMI), authorized and supervised by the UK Financial Conduct Authority (FCA). We deliver
secure, compliant, and scalable financial infrastructure designed for modern, globally operating
businesses.
Our platform enables companies to manage multi-currency accounts, issue virtual corporate
cards, execute domestic and international payments, and access transparent foreign exchange
services - all through a single, integrated solution. Bepi serves fintech’s, marketplaces, SaaS
platforms, and international enterprises that require reliability, regulatory certainty, and
operational efficiency at scale.
Compliance, data protection, and information security are foundational to how we operate. We
process personal data responsibly and in accordance with applicable data protection laws,
including the UK GDPR and other relevant regulatory requirements. Safeguarding client data,
funds, and transactions is central to our role as a regulated financial institution.
Bepi combines regulatory rigor with modern technology, enabling our clients to move fast while
remaining compliant, secure, and in control.
Introduction
At Bepi, privacy and trust are not optional - they are part of our license to operate. We apply
robust governance, internal controls, and risk management frameworks to ensure personal data is handled lawfully, transparently, and securely across all our services.
This Privacy Policy explains how we collect, use, store, and protect personal data when you
interact with Bepi, our products, our website, or our services.
The Information We Process
The types of personal information we collect
Personal data refers to any information relating to an identified or identifiable individual. This
includes information that directly identifies you, such as your name and contact details, as well
as information that may identify you indirectly, such as identification numbers, electronic
location data, online identifiers, or transactional data.
Depending on the nature of your relationship with Bepi - whether you are an individual
customer, a business customer, an authorized representative, a beneficial owner, a cardholder, or a visitor to our website - we may collect and process personal data at the start of, and throughout, our relationship with you, and thereafter in accordance with applicable legal and regulatory retention requirements.
We collect personal data through various channels, including directly from you, from your
employer or organization, from third parties, and through your use of our services, platforms,
websites, and applications.
Categories of personal data we may process include:
- Identity and contact information, such as your full name, residential or business
- Financial information, including account details, payment and transaction data,
- Know Your Customer (KYC) and due diligence information, such as copies of
security numbers, beneficial ownership information, source of funds and source of wealth
information, and related compliance records;
- Professional and employment information, including your role, employer, business
- Product and service usage information, relating to the Bepi products and services you
- Online, technical, and usage data, including IP address, device identifiers, browser and
with us, and content accessed or downloaded via our digital channels.
Special categories of personal data
In limited circumstances, and strictly where required by law or for legitimate regulatory
purposes, Bepi may process special categories of personal data. This may include processing for
the purposes of complying with anti-money laundering (AML), counter-terrorist financing
(CTF), fraud prevention, regulatory reporting, handling complaints, or ensuring accessibility of
our services.
Such data may include information relating to:
- Racial or ethnic origin;
- Political opinions;
- Religious or philosophical beliefs;
- Biometric data used for identity verification, authentication, and fraud prevention,
- Health-related information, where relevant for accessibility or regulatory requirements;
- Information relating to an individual’s sexual orientation or personal life, where lawfully required.
Bepi processes special categories of personal data only where explicit consent has been obtained or where such processing is otherwise permitted or required under applicable data protection laws.
How We Obtain Information?
Your information includes all personal and financial data that we collect and hold about you.
This may relate to you as an individual customer, a business customer, or in your capacity as a
director, authorised user, employee, cardholder, proprietor, or beneficial owner of a business, as
well as information relating to transactions conducted through our services.
We collect personal data through a variety of channels, including directly from you, from your
organisation, from our clients and partners, from third parties, and through your interaction with
our digital platforms and services.
Information you provide directly to us
Information you provide when using our website or digital platforms
When you register on our website, complete forms, participate in surveys, access our
applications, or engage with our Sandbox, API, or Developer Centre, we may collect personal
data such as your name, address, email address, telephone number, date of birth, identification
details, job title, and company information.
If you interact with us via social media, we may also collect publicly available social media
identifiers, such as your LinkedIn profile or X (formerly Twitter) username, in accordance with
your privacy settings and applicable platform policies.
Information you provide through communications and use of our services
We collect information when you communicate with us by email, phone, post, in person, or
through digital channels, and when you use our products and services. This includes records of
communications and engagement metrics, such as how, when, and how often you contact us or respond to our communications, and information about how and when you use our services.
Information provided by clients, customers, partners, and suppliers
Clients and customers
We may collect personal data about you through our business customers or clients when they use Bepi’s services, including where they enable you to access or use our services as an authorized user, cardholder, or representative.
Partners and suppliers
We may receive personal data from our partners or suppliers where they provide services to Bepi
in connection with the delivery, operation, or support of our products and services.
Information provided by third parties
We may receive personal data about you from third parties, including:
- Service providers who support you or us in delivering financial or operational services;
- Credit reference agencies, fraud prevention agencies, law enforcement bodies, regulatory authorities, or government agencies;
- Industry, trade, or professional bodies; and
- Other financial institutions or banks, where permitted by applicable law.
Information from publicly available sources
We may collect information from publicly available sources, such as company registries
(including Companies House), regulatory registers, and publicly accessible social media
platforms, subject to your privacy settings and applicable legal requirements. This may include
professional profile information and engagement metrics such as connections, followers, or
interactions.
Technical and usage information (IP data)
We may collect technical and usage data when you access our website or services, including:
- Internet Protocol (IP) address;
- Login and authentication information;
- Browser type and version;
- Time zone settings;
- Device identifiers, operating system, and platform;
- Website usage data, including URL clickstream data, page response times, download
methods;
- Any telephone numbers used to contact our customer support teams.
Sandbox, API, and Developer Centre
Our Sandbox, API, and Developer Centre environments are provided to allow customers, clients,
and partners to test and evaluate Bepi’s technology. Users must not upload or process personal
data or cardholder data within these environments, except for their registered login credentials.
Cookies
We and our service providers use cookies and similar technologies to collect information about
your use of our website and digital services. Further details on our use of cookies and how to
manage your preferences are set out in our Cookies Policy.
What Do We Do With the Information We Collect?
We process personal data only where we have a lawful basis to do so and in accordance with
applicable data protection legislation. Depending on the nature of your relationship with Bepi -
whether as an individual customer, business customer, authorised representative, beneficial
owner, cardholder, partner, or supplier - we may process your personal data in the following
circumstances:
- Where processing is necessary to perform a contract we are about to enter into or have
- Where processing is necessary for our legitimate interests (or those of a third party),
preventing fraud, ensuring platform security, or mitigating financial or operational risk;
- Where you have provided your consent, where required;
- Where processing is necessary to comply with our legal and regulatory obligations,
prevention requirements; and
- Where processing is required to analyze, develop, improve, and maintain our products,
How we use your personal data?
We may use your personal data for the following purposes:
- To manage risk and protect you, our customers, partners, and our services from fraud,
- To comply with applicable laws, regulations, regulatory guidance, and to enforce our
- To administer your account or your organization’s account and manage our ongoing
- To communicate with you by email, telephone, post, SMS, push notification, instant
- To verify your identity and conduct customer due diligence and ongoing monitoring;
- To provide the products and services you request from us;
- To notify you of changes to our products, services, or policies;
- To ensure our website and digital platforms function effectively across devices;
- To analyze usage, performance, and trends on an aggregated and anonymized basis;
- To administer and operate our website, including testing, research, analytics,
- To enable participation in interactive features where you choose to do so;
- To maintain the security, stability, and integrity of our systems and infrastructure;
- To train staff and improve service quality;
- To investigate complaints, disputes, or potential disputes and to establish, exercise, or
Where permitted by law, we may also provide information about products or services that are
similar to those you already use or have enquired about. You can opt out of marketing
communications at any time.
Do We Share Your Data?
Bepi may share personal data with selected third parties where necessary to deliver our services
or comply with legal and regulatory obligations. These third parties may include financial
institutions, payment networks, card schemes, identity verification providers, fraud prevention
agencies, technical service providers, and professional advisers.
All third-party service providers are required to process personal data only on Bepi’s
instructions, for specified purposes, and subject to appropriate contractual confidentiality and
data protection obligations.
In limited circumstances, we may be required to disclose personal data to regulators, law
enforcement agencies, courts, or government authorities where required by law or in connection with legal proceedings.
We may also share personal data with fraud prevention agencies to prevent fraud and money
laundering and to verify identity. If fraud is detected, access to certain services, finance, or
employment opportunities may be refused. Further information about fraud prevention agencies and data usage may be found via relevant industry resources such as CIFAS.
If Bepi undergoes a merger, acquisition, sale, or transfer of assets, personal data may be
transferred to a prospective or new owner, subject to appropriate safeguards and in accordance with this Privacy Policy.
Storage and International Transfers
Your personal data may be stored or processed outside the United Kingdom and/or the European
Economic Area (EEA). Where international transfers occur, we ensure that appropriate
safeguards are in place, including:
- Transfers to countries deemed to provide an adequate level of protection by the UK
- The use of approved contractual safeguards to ensure your data remains protected.
Retention of Your Data
We retain personal data only for as long as necessary to fulfil the purposes for which it was
collected, including to meet legal, regulatory, accounting, and reporting requirements.
In certain circumstances, we may retain personal data for longer periods, such as where required to handle complaints, resolve disputes, or comply with regulatory obligations.
Further information on retention periods is available upon request.
Security
Bepi takes the security of personal data seriously. We implement appropriate technical,
organizational, and physical measures to protect personal data against unauthorized access, loss, misuse, or disclosure.
Access to personal data is restricted to employees and third parties who require it to perform
their duties and who are subject to confidentiality and data protection obligations.
Your Data Protection Rights
Under applicable data protection laws, you have the right to:
- Access your personal data;
- Request rectification of inaccurate or incomplete data;
- Request erasure of personal data in certain circumstances;
- Restrict processing in certain circumstances;
- Object to processing in certain circumstances;
- Request data portability;
- Withdraw consent, where consent is the legal basis for processing.
Bepi does not currently carry out automated decision-making or profiling that produces legal or
similarly significant effects.
To exercise your rights or raise any questions or concerns about how your personal data is
processed, please contact us at support@bepi.uk.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office
(ICO). We encourage you to contact us first so we can address your concerns promptly and
effectively.
Get in touch
Have questions or need assistance? Fill out the form below, and our team will get back to you as soon as possible.